skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE (flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/init_skill.py programmatically modifies file permissions. Evidence: It calls example_script.chmod(0o755) to make newly initialized template scripts executable on the local filesystem.
- [PROMPT_INJECTION]: The skill implements a meta-creation workflow that generates executable code based on user-provided content.
  - Ingestion points: SKILL.md (Steps 1, 2, and 4) instructs the agent to ingest user examples and logic to populate new skill files.
  - Boundary markers: None present.
  - Capability inventory: Uses Write and Edit tools to generate .py scripts and .md documentation.
  - Sanitization: No validation or sanitization is performed on user-provided logic before it is written to scripts.
- [DATA_EXFILTRATION]: Local directory metadata is exposed in documentation. Evidence: DEPRECATED.md references an absolute path revealing a local username and system structure.